Unrated severityNVD Advisory· Published Apr 17, 2020· Updated Aug 4, 2024
CVE-2020-11793
CVE-2020-11793
Description
A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash).
Affected products
65- WN/WebKitGTKdescription
- osv-coords64 versionspkg:rpm/almalinux/dleyna-rendererpkg:rpm/almalinux/frei0r-develpkg:rpm/almalinux/frei0r-pluginspkg:rpm/almalinux/frei0r-plugins-opencvpkg:rpm/almalinux/gnome-remote-desktoppkg:rpm/almalinux/gtk-docpkg:rpm/almalinux/gvfspkg:rpm/almalinux/LibRaw-develpkg:rpm/almalinux/libsouppkg:rpm/almalinux/libsoup-develpkg:rpm/almalinux/mutter-develpkg:rpm/almalinux/nautiluspkg:rpm/almalinux/nautilus-develpkg:rpm/almalinux/PackageKitpkg:rpm/almalinux/PackageKit-command-not-foundpkg:rpm/almalinux/PackageKit-cronpkg:rpm/almalinux/PackageKit-glibpkg:rpm/almalinux/PackageKit-glib-develpkg:rpm/almalinux/PackageKit-gstreamer-pluginpkg:rpm/almalinux/PackageKit-gtk3-modulepkg:rpm/almalinux/pipewirepkg:rpm/almalinux/pipewire0.2-develpkg:rpm/almalinux/pipewire0.2-libspkg:rpm/almalinux/pipewire-develpkg:rpm/almalinux/pipewire-docpkg:rpm/almalinux/pipewire-libspkg:rpm/almalinux/pipewire-utilspkg:rpm/almalinux/potracepkg:rpm/almalinux/pygobject3-develpkg:rpm/almalinux/python3-gobjectpkg:rpm/almalinux/python3-gobject-basepkg:rpm/almalinux/trackerpkg:rpm/almalinux/tracker-develpkg:rpm/almalinux/vte291pkg:rpm/almalinux/vte291-develpkg:rpm/almalinux/vte-profilepkg:rpm/almalinux/webrtc-audio-processingpkg:rpm/almalinux/xdg-desktop-portal-gtkpkg:rpm/opensuse/gtk3&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/webkit2gtk3&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
< 0.6.0-3.el8+ 63 more
- (no CPE)range: < 0.6.0-3.el8
- (no CPE)range: < 1.6.1-7.el8
- (no CPE)range: < 1.6.1-7.el8
- (no CPE)range: < 1.6.1-7.el8
- (no CPE)range: < 0.1.8-3.el8
- (no CPE)range: < 1.28-2.el8
- (no CPE)range: < 1.36.2-10.el8
- (no CPE)range: < 0.19.5-2.el8
- (no CPE)range: < 2.62.3-2.el8
- (no CPE)range: < 2.62.3-2.el8
- (no CPE)range: < 3.32.2-48.el8
- (no CPE)range: < 3.28.1-14.el8
- (no CPE)range: < 3.28.1-14.el8
- (no CPE)range: < 1.1.12-6.el8
- (no CPE)range: < 1.1.12-6.el8
- (no CPE)range: < 1.1.12-6.el8
- (no CPE)range: < 1.1.12-6.el8
- (no CPE)range: < 1.1.12-6.el8
- (no CPE)range: < 1.1.12-6.el8
- (no CPE)range: < 1.1.12-6.el8
- (no CPE)range: < 0.3.6-1.el8
- (no CPE)range: < 0.2.7-6.el8
- (no CPE)range: < 0.2.7-6.el8
- (no CPE)range: < 0.3.6-1.el8
- (no CPE)range: < 0.3.6-1.el8
- (no CPE)range: < 0.3.6-1.el8
- (no CPE)range: < 0.3.6-1.el8
- (no CPE)range: < 1.15-3.el8
- (no CPE)range: < 3.28.3-2.el8
- (no CPE)range: < 3.28.3-2.el8
- (no CPE)range: < 3.28.3-2.el8
- (no CPE)range: < 2.1.5-2.el8
- (no CPE)range: < 2.1.5-2.el8
- (no CPE)range: < 0.52.4-2.el8
- (no CPE)range: < 0.52.4-2.el8
- (no CPE)range: < 0.52.4-2.el8
- (no CPE)range: < 0.3-9.el8
- (no CPE)range: < 1.6.0-1.el8
- (no CPE)range: < 2.32.4-1.1
- (no CPE)range: < 2.28.1-lp151.2.15.2
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-3.49.2
- (no CPE)range: < 2.28.1-3.49.2
- (no CPE)range: < 2.28.1-3.49.2
- (no CPE)range: < 2.28.1-3.49.2
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-3.49.2
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-3.49.2
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
- (no CPE)range: < 2.28.1-2.50.3
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- lists.opensuse.org/opensuse-security-announce/2020-05/msg00008.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3P4YISPE5QX4YD54GDRZIH2X5RCH3QGW/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3MQTRC6ITFTVS5R5Z24PMJS6FXJKGRD/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTKY2MWP6PB6TE3ZKOOMKX7HZUCQNYF6/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202006-08mitrevendor-advisoryx_refsource_GENTOO
- usn.ubuntu.com/4331-1/mitrevendor-advisoryx_refsource_UBUNTU
- webkitgtk.org/security/WSA-2020-0004.htmlmitrex_refsource_CONFIRM
- wpewebkit.org/security/WSA-2020-0004.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.